Mardi Link reports: Munson Healthcare officials are investigating a cyber incident at Otsego Memorial Hospital in Gaylord, that in October prompted a shutdown of the hospital’s computer system. Munson Healthcare acquired Otsego Memorial in 2018 and a Munson spokesperson said the shutdown was limited to Gaylord only, and officials have no reason to believe patient…
Category: Health Data
New York Plans Cyber Rules for Hospitals
James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such…
Michael Garron Hospital confirms some employee and clinician data stolen in cyberattack; Akira claims it stole 882,000 files
As the Toronto Star and CBC first reported last month, Michael Garron Hospital in Toronto has been investigating a cyberattack it discovered on October 23. In its update on October 26, the hospital reported that it was actively investigating what they labeled a “data security incident.” “At this time, there are no known impacts to…
McLaren Health Care notifying 2.2 million patients about the BlackCat attack in August
On September 30, AlphV threat actors (aka BlackCat) added McLaren Health Care to their dark web leak site. They updated their listing on October 4, claiming to have data on 2.5 million people. That same week, McLaren confirmed that they had been the victim of a ransomware attack it first detected on August 22. Michigan’s…
PJ&A data breach also affected millions of Northwell Health patients (1)
News12 on Long Island reports that the Perry Johnson & Associates (PJ&A) breach reported previously on this site has also affected Northwell Health, a major health system on Long Island. PJ&A is the same medical transcription service vendor whose breach affected 1.2 million patients of Cook County Health in Illinois. That health system was notified…
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthcare organizations. The attackers abused a locally hosted instance of a widely-used remote access tool, ScreenConnect—utilized by the company Transaction Data Systems (which…